<%@CODEPAGE="65001"%>
<!--#include file="conn.asp"-->
<!--#include file="md5.asp"-->
<%
'open data
Call OpenData
id = CInt(request("id"))
value = CBool(request("value"))
edit = request("edit")
If edit = "" Or IsNull(edit) Or Not IsNumeric(edit) Then
	edit = 0
End If
edit = CInt(edit)
act = request("act")
fromUser = request("from-user")
toUser = request("to-user")
fromEmail = request("from-email")
toEmail = request("to-email")
because = request("because")
content = request("content")
If act = "new" Then
	if fromUser = "" or toUser = "" Or because = "" Or content = "" Or fromEmail = "" Or toEmail = "" then
		response.write("错误:不就才这几项，你都不能填写完整？\n还道歉呢，不够真诚哟！")
		response.end
	Else
		fromUser = htmldecode(fromUser)
		toUser = htmldecode(toUser)
		fromEmail = htmldecode(fromEmail)
		toEmail = htmldecode(toEmail)
		content = CheckStr(htmldecode(content))
		because = CheckStr(htmldecode(because))
		userip = Request.ServerVariables("HTTP_X_FORWARDED_FOR") 
		If userip = "" Then userip = Request.ServerVariables("REMOTE_ADDR")
		conn.execute("insert into list([fromUser],[toUser],[fromEmail],[toEmail],because,content,ip,published) values('"& fromUser &"','"& toUser &"','"& fromEmail &"','"& toEmail &"','"& because &"','"& content &"','"& userip &"','"& Now() &"')")
		response.write("ok")
	End If
	
End If
'del notes
If act = "delnote" Then
	sqlDel = "delete * from notes where id = "&id
	conn.execute(sqlDel)
	response.write("Delete success!")
End If
'vote
If act = "vote" Then
	If value Then
		conn.execute("update list set islike = islike+1 where id="&id)
	Else
		conn.execute("update list set isbad = isbad+1 where id="&id)
	End If
	'response.write("Delete success!")
End If
'pardon
If act = "status" Then
	conn.execute("update list set status = true where id="&id)
End If
'message
If act = "msg" then
	uname = request("uname")
	uemail = request("uemail")
	usite = request("usite")
	content = request("content")

	if uname = "" or uemail = "" then
		response.write("Error:Please enter your name and your email!")
		response.end
	end If
	If IsValidEmail(uemail) = False Then
		response.write("Error:Your email is wrong!")
		response.end
	End If
	uname = htmldecode(uname)
	uemail = htmldecode(uemail)
	usite = htmldecode(usite)
	content = CheckStr(htmldecode(content))

	set rs = server.createObject("adodb.recordset")
	sql = "select * from message"
	rs.open sql,conn,1,3
	rs.addnew
		rs("username") = uname
		rs("email") = uemail
		rs("website") = usite
		rs("content") = content
		rs("pubtime") = Now()
	rs.update
	rs.close
	set rs = nothing
	response.write("Success:Thank you to me message!")
End If

'comment
If act = "comment" Then
	c_uname = request("c_uname")
	c_uemail = request("c_uemail")
	c_usite = request("c_usite")
	c_content = request("c_content")

	if c_uname = "" or c_uemail = "" then
		response.write("Error:Please enter your name and your email!")
		response.end
	end If
	If IsValidEmail(c_uemail) = False Then
		response.write("Error:Your email is wrong!")
		response.end
	End If
	c_uname = htmldecode(c_uname)
	c_uemail = htmldecode(c_uemail)
	c_usite = htmldecode(c_usite)
	c_content = CheckStr(htmldecode(c_content))
	pubtime = Now()
	set rs = server.createObject("adodb.recordset")
	sql = "select * from comment"
	rs.open sql,conn,1,3
	rs.addnew
		rs("username") = c_uname
		rs("email") = c_uemail
		rs("website") = c_usite
		rs("content") = c_content
		rs("noteid") = ID
		rs("pubtime") = pubtime
	rs.update
	rs.close
	set rs = Nothing
	c_uemail = MD5(c_uemail,32)
	c_date = EnNumDate(pubtime)
	response.write(c_uemail&"|Success:Thank you!"&"|"&c_date)
End If
Call CloseData
%>